CVE-2004-1104

Опубликовано: 31 дек. 2004

Источник: nvd

CVSS2: 7.5

EPSS Средний

Описание

Microsoft Internet Explorer 6.0 SP2 allows remote attackers to spoof a legitimate URL in the status bar and conduct a phishing attack via a web page that contains a BASE element that points to the legitimate site, followed by an anchor (a) element with an empty "href" attribute, and a FORM whose action points to a malicious URL, and an INPUT submit element that is modified to look like a legitimate URL.

Ссылки

http://secunia.com/advisories/11273
http://www.kb.cert.org/vuls/id/702086
Third Party Advisory
US Government Resource
http://www.securityfocus.com/archive/1/379903
http://www.securityfocus.com/archive/1/425386/100/0/threaded
http://www.securityfocus.com/archive/1/425883/100/0/threaded
http://www.securityfocus.com/bid/11565
Exploit
Vendor Advisory
https://exchange.xforce.ibmcloud.com/vulnerabilities/17938
http://secunia.com/advisories/11273
http://www.kb.cert.org/vuls/id/702086
Third Party Advisory
US Government Resource
http://www.securityfocus.com/archive/1/379903
http://www.securityfocus.com/archive/1/425386/100/0/threaded
http://www.securityfocus.com/archive/1/425883/100/0/threaded
http://www.securityfocus.com/bid/11565
Exploit
Vendor Advisory
https://exchange.xforce.ibmcloud.com/vulnerabilities/17938

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:microsoft:ie:6.0:sp2:*:*:*:*:*:*

EPSS

Процентиль: 97%

0.37165

Средний

7.5 High

CVSS2

Дефекты

NVD-CWE-Other

Связанные уязвимости

GHSA-9pp9-78gm-f2c2

github

больше 3 лет назад